This thread is now closed, please don't try to continue it.
- todd
If I'm explaining security or lack of security, or saying things like "this
is not enough", it's not as part of a speech that's meant to whine. I'll
explain: I could've just asked, in my first message, whether OpenBSD has a
mechanism like Ctrl-Alt-Delete on Windows, and whether it has sandboxing
fo
On Sunday, March 31, 2024, Jose Maldonado wrote:
> El Sun, 31 Mar 2024 01:10:15 +
> Dan escribió:
> > On Wednesday, March 27, 2024, Dan wrote:
> >
>
> Hi @list!
>
> Lots of discussion and useless talk when the solution is in your hands
> @Dan:
>
> 1.- Are you worried about the fact that app
El Sun, 31 Mar 2024 01:10:15 +
Dan escribió:
> On Wednesday, March 27, 2024, Dan wrote:
>
Hi @list!
Lots of discussion and useless talk when the solution is in your hands
@Dan:
1.- Are you worried about the fact that apps on X11 may suffer
input-spoofing? Great, start writing all the code
On Wednesday, March 27, 2024, Dan wrote:
> Hello, I have 3 security-related questions:
> (1) Does OpenBSD have a mechanism like Ctrl-Alt-Delete on Windows (Secure
> Attention Key, or SAK) to prevent malware (or a website in fullscreen, for
> example) from faking a logout process and/or faking a l
On Saturday, March 30, 2024, hahahahacker2009
wrote:
> Vào Th 7, 30 thg 3, 2024 vào lúc 11:19 Dan đã
> viết:
>
> >>
> >>
> >> > I've looked at the
> >> > source code and issue tracker of upstream Firefox in the past and it
> has
> >> > upstream support for pledge(2) and unveil(2).
> >>
> >> Gr
On Saturday, March 30, 2024, hahahahacker2009
wrote:
> Vào Th 6, 29 thg 3, 2024 vào lúc 07:40 Dan đã
> viết:
>
> > This only lists third-party packages that have an OpenBSD
> ports-originated addition of pledge/unveil configuration files; packages
> that use pledge/unveil without configuration
James Huddle :
> I live in post-2016 USA and have essentially given up hope of any sort of
> computer security.
Personal thought and from USA where the core of private data business resides.
Due to different reasons and the env I work in I results attacked very often
under OpenBSD, in X.
Hav
When X11 came to my attention, in the 1980's, it was called X11. "What," I
wondered back then, "could that mean?"
Back then, we would get to know new software long before version 11, so it
seemed an odd name. Back then.
It's been X11 for millennia. I discovered Exfiltrator (or Exfiltration,
'ex'
Replying now to cho...@jtan.com:
>[…] any
>application which uses the X server (ie. can access the tcp port
>or unix socket and has the correct xauth key […]
The default PF configuration blocks access to the ports, but only on
non-loopback interfaces.
https://github.com/openbsd/src/blob/master/etc/
(Note for everyone: This message is intended to shame a troll; if you're
here to follow the technical discussion only, feel free to skip reading
this message.)
~ | ~ | ~ | ~ | ~ | ~
On Friday, March 29, 2024, Jan Stary wrote:
> > > > (The person
> > > > you're replying to should be in the To fi
Luke A. Call writes:
>
> On 2024-03-29 09:01:07-0400, James Huddle wrote:
> > Exfiltrator. There's an 11-letter word that starts with "ex". X11.
>
> After a quick web search, I'm not sure I follow. Is that a reference to
> a program that exfiltrates data after a computer is compromised? Can yo
On 2024-03-29 09:01:07-0400, James Huddle wrote:
> Exfiltrator. There's an 11-letter word that starts with "ex". X11.
After a quick web search, I'm not sure I follow. Is that a reference to
a program that exfiltrates data after a computer is compromised? Can you
elaborate a little? I realize
Exfiltrator. There's an 11-letter word that starts with "ex". X11.
On Thu, Mar 28, 2024 at 7:39 PM Luke A. Call wrote:
> On 2024-03-28 17:28:56+0100, Jan Stary wrote:
> > > (2) I've learned that X11 allows locally running malware to sniff the
> > > keystrokes input to any other X11-using app
Replying now to Luke (luke...@onemodel.org):
Thank you, that's interesting! I appreciate that you're contributing a
meaningful answer to my questions, and I also appreciate that you're nice
to me. :)
Also h.kampm...@web.de seems to be nice to me, unless I misinterpreted what
they said (I'm not sure
On 2024-03-28 17:28:56+0100, Jan Stary wrote:
> > (2) I've learned that X11 allows locally running malware to sniff the
> > keystrokes input to any other X11-using app running under any user.
>
> I don't believe that's true.
> Where have you "learned" that, and how does that work?
> "Dear X11, wh
On Thu, Mar 28, 2024 at 09:16:45PM +, Dan wrote:
> You didn't "Reply All", so I didn't get your reply in my inbox. (The person
> you're replying to should be in the To field, and the mailing list in the
> Cc field.)
OH PUH-LEEZE.
No.
You send to a mailing list, people are supposed to reply
Hello,
when I read posts like @Dan's, I say to myself: Don't feed the troll.
Pointless.
Wish you all a nice weekend,
Heinz
Gesendet: Donnerstag, 28. März 2024 um 23:02 Uhr
Von: "Jan Stary"
An: misc@openbsd.org
Betreff: Re: Security questions: Login spoofing,
go away
On Mar 28 21:16:45, dan.peretz...@gmail.com wrote:
> You didn't "Reply All", so I didn't get your reply in my inbox. (The person
> you're replying to should be in the To field, and the mailing list in the
> Cc field.)
>
> >Even on windows; this has nothing to do with intercepting ctrl-alt
not in the mailing list world I've been using for close to 30 years
if you post to the mailing list I reply to the mailing list
On March 28, 2024 3:16:45 PM MDT, Dan wrote:
>You didn't "Reply All", so I didn't get your reply in my inbox. (The person
>you're replying to should be in the To fiel
You didn't "Reply All", so I didn't get your reply in my inbox. (The person
you're replying to should be in the To field, and the mailing list in the
Cc field.)
>Even on windows; this has nothing to do with intercepting ctrl-alt-del.
False. Ctrl-Alt-Delete cannot be intercepted on Windows without
> (1) Does OpenBSD have a mechanism like Ctrl-Alt-Delete on Windows (Secure
> Attention Key, or SAK) to prevent malware (or a website in fullscreen, for
> example) from faking a logout process and/or faking a login prompt? On
> Windows the kernel ensures that the operating system captures this key
Hello, I have 3 security-related questions:
(1) Does OpenBSD have a mechanism like Ctrl-Alt-Delete on Windows (Secure
Attention Key, or SAK) to prevent malware (or a website in fullscreen, for
example) from faking a logout process and/or faking a login prompt? On
Windows the kernel ensures that the
23 matches
Mail list logo